How can a program delete itself?

the delete operation is not performed by the program itself, but the OS
>lmao just create another file to delete the file
but thats unneccessary

>windows is a safer OS
what makes you think that my dude?

What I did was
>write own folder path / filename into another file
>program opens another program that deletes the file at that written down location (and closes itself)

Now you're stuck with a second program, but that was my intention in the first place

rm -rf / --no-preserve-root

here my friend, take a look at this
en.wikipedia.org/wiki/Architecture_of_Windows_NT

... done reading? great, now is the point where you should come to the realization that what you actually want is by too difficult to handle for you

So you're saying there's a chance?

The operating system carries out the deletion as requested the program. Additionally in the example you show that's an interpreted script, the text of that file will first be loaded into the memory of an interpreter process and then that process will ask the operating system to do the deletion.

if there is a will there is also a way
what you actually want is something far more complex than a 'program that deletes itself', that thing is just a small subsection of what you have planned (just wild guessing on my part here). your initial request is quite simple, and yes, well possible, based on the fact that the program is not really deleting itself, but more precisely, requesting to be removed by parts of your operating system.
i am however afraid that this wont suffice.

>Trying to do it in Windows without a second file
there's a way but it requires reboot.

you call MoveFileEx api, give your path as first parameter, NULL as second parameter and MOVEFILE_DELAY_UNTIL_REBOOT flag as last parameter.

this is how windows updates .dll's and shit while it's running. now you know why you should restart your pc after a windows update.

i will be a bit more precise, if your 'program' is a script or something that is interpreted, the barrier of removing the file from which the 'remove request' originates is simple, since the execution is handled by the interpreter ().
if you have a compiled program like *.exe than, without investing too much thought, i would say that you will need a combination of 'stopping the process', while simultaneously queuing the 'removal request', this is necessary since active running processes should be prevented from deletion as long as they are active and running.
maybe an small external script can actually be useful here, so i would say : "script kills the main process", "wait until complete (poll state of main process)", "remove main process executable", "wait for success (not required)", "script requests beeing removed", "end"

>now you know why you should restart your pc after a windows update
The restart is more about, you know, getting the updated code to actually start running.

maybe op can tell us why he needs a 'program that deletes itself'

Why wouldn't it be able to?

thanks the file is deleted!

sudo rm /bin/rm

He's writing his own hackjob install program, or he fancies himself the next Wannacry millionaire.

works great on linux

You program it to remove its source code and/or compiled code on the disk while the program itself is executing in memory. Its ridiculously simple actually.

+1 on leenuks, but on winblows this will require a bit more thought

test

drop it in the Temp folder

windows puts an exclusive lock on running binaries iirc

>MOVEFILE_DELAY_UNTIL_REBOOT
neat

inject a thread into an existing process that waits until your program has exited and then deletes it.

What the...
I made a file that can delete itself, and when I try to post it, I get this.
But when I post normally, it works just fine.

Attached: ss_2018-11-17_at_13.39.50.png (770x267, 21K)

Okay it seems that Jow Forums bugs out when I try to post the code, so it's in this pastebin pastebin.com/RD1zVeyj

Attached: ss (2018-11-17 at 13.37.22).webm (734x620, 447K)

post a screenshot of the file

>windows puts an exclusive lock on running binaries iirc
yes, im aware, as implied in ()
>inject a thread into an existing process that waits until your program has exited and then deletes it.
this just makes the whole thing 10 times more difficult
im afraid that this is whats happening, and the madlad of op is currently on the best way of producing an horrid shitmess
maybe try this op :

uploaded it to pastebin instead

Attached: ss (2018-11-17 at 13.46.51).png (567x112, 7K)

>ahk
OH NONONONO
dont tell me that is your masterplan for world domination op? i have to kindly request you to stop

>this just makes the whole thing 10 times more difficult
but cleaner and potentially more difficult to detect than dropping some nasty ass script to disk

No I'm just some user who took up the challenge
My actual masterplan is
>run timeout 1 && del file
>exit self
The program will exit before cmd timeout finishes and deletes the file.
Only reason I used keyboard input of ahk is because using the run command directly didn't recognize the && command that chains together the timeout with the delete, so I made it just type it instead

>inject a thread into an existing process that waits until your program has exited and then deletes it.
that actually works but too much effort for a simple task.

The program is loaded into memory, it doesn't read from the file directly.

If you add "echo DELETED" to the end of the script there it will delete the file, and still be able to print 'DELETED'

>potentially more difficult
lol no, if a process has CreateRemoteThread it's flagged malicious automatically. it's number one method of dll injecting.

Through a separate .bat

dont get me wrong, technically speaking you are absolutely correct, but im afraid that this is, by all honours, not in the 'scope' of what i deem op capable of
@opie
before you pointlessly fuck around, whit something that will unlikely produce the result you want, have a look at this
github.com/ytisf/theZoo
whatever you want to do should be pointing in that direction i assume, start reading some source code (preferrably of rootkits, since they are highly complex and reqire a deep understanding of the nt kernel) and then resume with your 'project'

also this

You underestimate Microsoft's stupidity.

Funny how they keep moving shit into kernel mode.
Microkernels BTFO.

Make it add an entry to autostart that creates a file deleting the malware itself.

When the program runs it is loaded into memory. The program can then delete its files and then exit.

> what are programs and processes?

the absolute state of Jow Forums

Theres no way thats possible. Loading the instructions into memory is part of the architecture itself. Windows cant have fucked things up so badly that a program can't refer to its source during execution.

Just use an interpreted language like mentioned, deleting a compiled ruby script just required me to use the rm command.
file = $0.split("/").last
filename = File.basename(file, File.extname(file))

3.times { |i| puts "Deleting itself in #{i+1}..."; sleep 0.5 }

exit if defined? Ocra

system "rm #{filename}.exe"

Attached: ConEmu_2018-11-17_14-45-57.png (213x335, 7K)

It can, but to edit or delete it, you'll need to use some workarounds.

yes, as i stated for interpreted languages this is quite easy, something in python could look like link related :
stackoverflow.com/questions/10112601/how-to-make-scripts-auto-delete-at-the-end-of-execution
(preferrably the method using subprocess)
the only thing that is required, is the part where the script terminates the main program and removes the main executable. the main program still would need to create the script file and execute it. a necessary requirement for a script language of your choice is an interpreter on the system where you intend to run the script. depending on your choice this could be a barrier.

there are some registry keys, uninstall.exe programs use them for example, but they require restart of windows

Because when the program is ran it is first loaded into memory, and so the program can do whatever it wants to it's own image file unless it opens a file lock on it.

10 uber cabs were late for this thread

>load program into memory
>delete the file on the HDD

It's easy? If you can't do that, it's an OS issue, not a programming one.

Linux:
rm -f "$0"

Windows:
Add itself to PendingRenameOperations in the registry and then prompt the user to reboot to complete uninstallation.

how can you kill yourself?

OS load executable file to ram
Program in ram delete file from disk
Program exits
OS cannot load executable into ram anymore because file doesn't exists anymore

It might be fun to write a program overwriting zero's over itself in ram.